The Status of Chromebook Privacy

The world has entered the digital age, an era in which technology is everything. Representative of this paradigm shift is IHS’s transition to Chromebook usage. Assignments once distributed in the form of paper are now posts on Google Classroom; the reduction in paper usage and the ability to share information quickly are often cited benefits of the use of Chromebooks. However, there are multiple major concerns that are associated with the Google Chromebook, and one issue potentially troubling for users is the issue of privacy with the Chromebooks and school Google accounts.

First, a brief background on Chromebooks: Chromebooks are manufactured by Google, and run on an operating system titled “Chrome OS.” Their purpose is to provide an affordable cloud-based computer that will be able to access the web and Google’s proprietary suite of applications, but not too much more (that is, without the installation of a new operating system). ICSD has purchased them through the “Google for Education” program, which allows Chromebooks to be easily set up for a school environment and managed by the district’s IT team.

One of Google’s guarantees about Chromebook privacy is that the personal information of students will not be sold. In response to a frequently asked question regarding the sale of information to third parties, Google states, “We don’t sell your G Suite data to third parties, and we do not share personal information placed in our systems with third parties, except in the few exceptional circumstances described in the G Suite agreement and our Privacy Policy.” While initially hesitant, in January 2015, Google finally signed the Student Privacy Pledge, a pledge that prohibits the collection and usage of student information.

However, Google’s estimated $72 billion footprint in the advertising business and the inherent cloud-based nature of Chromebooks has a number of users skeptical about whether their Chromebook and Google Account data is truly private. The Electronic Frontier Foundation (EFF), a “leading nonprofit organization defending civil liberties in the digital world,” has complained to the Federal Trade Commission that Google was collecting data on students when they shouldn’t have. The EFF’s studies suggested that Google was using information that was automatically synced from school accounts for data-mining purposes, albeit not for advertising purposes. The sync option is presented in Chromebook settings, and by default, it syncs all data (including browsing history and bookmarks) to Google’s servers. If these claims are true, Google violated the Student Privacy Pledge by collecting and using personal student data for non-educational purposes without parental consent.

Following this event and the controversy that followed, Google released a public statement saying that they do not use the data-mined information for ad-targeting. However, they have not ceased their collection of data in non-Google Apps services, along with their collection of Chromebook data, including Chromebook model, hardware settings, system activity, and more.

Additionally, Google, as a contractor, is able to identify itself as a “school official” to be exempt from regulations on getting student data set forth by FERPA, the federal student privacy statue. Contractors are not under the same restrictions that necessitate parental consent for gaining access to student data as other private entities.

There’s no doubt that the rapid introduction of Chromebooks and similar classroom technology into our public education systems is changing the scene. However, the past behavior of Google regarding student privacy―along with their current policies―leave it unclear if Google has the interests of students and parents in mind with their Google Chromebooks, and whether the forfeiture of the right to personal privacy is inevitable in this day and age.